Microsoft Office Communications Server 2007 R2 (KB978367) Front-End service does not start if the connection to the root domain controller is lost

Symptom

Following two events will be seen in the Office Communications Server Event Log

Source: OCS WMI Consumer
Event ID: 20491
Task Category: (1002)
Level: Error
Keywords: Classic

Source: OCS Protocol Stack
Date: 2/4/2010 9:32:37 PM
Event ID: 14421
Task Category: (1001)
Level: Warning
Keywords: Classic

You have already ensured that the Child DC is designated as the global catalog server as per

https://technet.microsoft.com/en-us/library/cc782576(WS.10).aspx

The Root Domain DNS does not allow Zone Transfer to the Child DC's DNS.

OCS Logger Logs for LcsWmi Component shows:

0733 TL_ERROR(TF_COMPONENT) [0]0878.0898::02/16/2010-17:22:23.991.0000031a ((Shared),ADContext::CreateContext:AdContext.cpp(461))( 0000000000161770 ) DiscoverGlobalContainerLocation failed! hr = 8250(ERROR_DS_SERVER_DOWN)

Cause

The following SRV record is used to locate the Global Catalog Server in Child DC as per https://technet.microsoft.com/en-us/library/cc759550(WS.10).aspx

_gc._tcp. SiteName . _sites. DnsForestName .

Enables a client to locate a global catalog (gc) server for this forest in the site named SiteName. The server is not necessarily a domain controller. Only a server that is running the LDAP service and functioning as the GC server for the forest named DnsForestName registers this SRV record (for example, _gc._tcp.charlotte._sites.contoso.com.).

 

Though the Child DC is designated as the global catalog server as per

https://technet.microsoft.com/en-us/library/cc782576(WS.10).aspx

It is based on the assumption that the above DNS SRV record is available through the DNS as per

https://technet.microsoft.com/en-us/library/cc739586(WS.10).aspx

Thus even if the Child DC is designated as the global catalog server but if the DNS SRV record is not available we will not be able to locate the Global Catalog Server in the Child DC.

To find the exact SRV record OCS Front-End is looking for capture the Netmon trace at the Front-End, and filter on "dns".

Resolution

Step 1:

https://vkbexternal/VKBWebService/ViewContent.aspx?scid=kb;EN-US;978367&PortalId=1

Step 2:

 

_gc._tcp. SiteName . _sites. DnsForestName .

Enables a client to locate a global catalog (gc) server for this forest in the site named SiteName. The server is not necessarily a domain controller. Only a server that is running the LDAP service and functioning as the GC server for the forest named DnsForestName registers this SRV record (for example, _gc._tcp.charlotte._sites.contoso.com.).

 Locate if the SRV record is available here:

1. Open the DNS snap-in and connect to a domain controller in the forest root domain.
2. Expand Forward Lookup Zones and then expand the forest root domain.
3. Click the _tcp container.
4. In the details pane, look in the Name column for _gc and in the Data column for the name of the server. The records that begin with _gc are global catalog SRV records.

 If the SRV record is available there, but if not available when:

1. Open the DNS snap-in and connect to a domain controller in the child domain.
2. Expand Forward Lookup Zones and then expand the forest root domain.
3. Click the _tcp container.
4. In the details pane, look in the Name column for _gc and in the Data column for the name of the server. The records that begin with _gc are global catalog SRV records.

Than one of the resolutions is to create a New Site under Forward Lookup Zone of the Child DC's DNS snap-in. Right Click Forward Lookup Zones -> New Zone -> Secondary zone -> Zone Name (same as the one in Root Domain) -> Specify the Master DNS Server (Root Domain DNS Server) . Once the Zone is created Right click the zone and Transfer from Master. Make sure the SRV records are now available at the Child DC's DNS. You may have to check if the Root Domain DNS allows Zone Transfer to the Child DC's DNS.

This can be verified by :

Open the DNS snap-in and connect to a domain controller in the forest root domain.

Expand Forward Lookup Zones and then expand the forest root domain.

Locate the Zone and Right Click -> Propoerties -> Zone Transfer

Make sure that the Child DC's DNS is listed in the Name Servers.

 

More Information

 

OCS Migrating Global Settings Container

 

https://technet.microsoft.com/en-us/library/dd441214(office.13).aspx

 

OCS Changes Made by Forest Preparation

 

https://technet.microsoft.com/en-us/library/dd425088(office.13).aspx

 

 

Administering the Global Catalog

 

https://technet.microsoft.com/en-us/library/cc782612(WS.10).aspx

 

 

How DNS Support for Active Directory Works

 

https://technet.microsoft.com/en-us/library/cc759550(WS.10).aspx

 

 

How Domain Controllers Are Located in Windows

 

https://support.microsoft.com/kb/247811

 

Troubleshooting problems with promoting a domain controller to a global catalog server

 

https://support.microsoft.com/kb/910204

Comments

• Anonymous
  July 09, 2010
  Bad link to Update Rollup 4 Make sure your server OCS Front-End is at Cumulative Update 4. support.microsoft.com/default.aspx